This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/11098277-95a7-4f99-bb91-f65381696681.roa File: 11098277-95a7-4f99-bb91-f65381696681.roa (raw, json) Hash identifier: pWwpjuifMWr41ubCY5vJ5mWPWCzEt96rrDScGexElNw= Subject key identifier: 11:E2:AF:59:E6:6B:99:CE:CD:74:DC:EA:B4:D7:20:88:70:CA:0E:24 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 4D6EF9386F09E8C6EC54DEF9E70FADC3EE4969EC Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/11098277-95a7-4f99-bb91-f65381696681.roa Signing time: Tue 02 Dec 2025 01:40:59 +0000 ROA not before: Tue 02 Dec 2025 01:40:59 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:1000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:6e:f9:38:6f:09:e8:c6:ec:54:de:f9:e7:0f:ad:c3:ee:49:69:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:59 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=11cf60cde31b9d2e86372f98a13118afa6e92b27fb75418780b9c804fd14cdff, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:59:f2:d8:46:c5:51:80:fb:74:cc:bf:5a:3e: 7a:67:7d:aa:80:a5:54:b4:1e:a1:2d:bf:8c:cd:1f: cb:a2:f9:de:cd:a9:c1:e3:44:b9:4c:82:8c:0c:a2: 31:4c:12:d8:f5:68:a6:2c:01:e4:77:32:06:ba:2a: 9d:29:63:a4:cb:79:16:69:2f:6b:9b:34:eb:ed:dd: a9:77:3f:60:43:52:ad:96:19:81:d2:9f:d5:c1:30: 72:e0:c1:c6:9a:9b:84:39:90:87:c4:a8:c6:eb:4f: f9:51:d3:1b:e7:3a:74:11:87:c2:84:aa:d8:1e:de: 8a:12:37:3f:f2:72:93:89:df:31:7d:0b:b8:8f:52: 90:45:8a:9c:06:67:ca:0d:23:9c:9a:3c:f6:86:14: a3:72:52:61:24:90:60:20:65:ca:f5:c3:d9:9a:d3: 6f:8e:4a:be:d6:7f:9e:93:25:da:3f:57:49:c8:82: 88:dc:b1:c0:2a:5d:d2:b7:31:d6:16:f0:14:14:76: 88:05:00:8d:2e:d2:1a:17:d4:9e:4f:b2:9b:42:cf: 16:0c:2f:d1:0f:a1:9c:4b:ef:c2:14:5e:24:a7:80: f8:99:a2:0b:d0:ae:33:54:ee:f4:d6:00:fa:7d:33: 6e:c2:a2:42:10:1c:c2:e8:38:bc:ca:d4:29:a4:53: 66:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:E2:AF:59:E6:6B:99:CE:CD:74:DC:EA:B4:D7:20:88:70:CA:0E:24 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/11098277-95a7-4f99-bb91-f65381696681.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:1000::/36 Signature Algorithm: sha256WithRSAEncryption 41:86:5b:97:b5:9d:d6:97:3b:a2:09:cb:e5:6d:b8:52:0b:44: f8:e7:3e:3c:3f:2a:b0:07:da:b0:ba:92:fa:28:a5:a1:d3:0a: f5:4d:f4:d0:f4:c8:65:40:0b:22:e6:74:37:8f:af:ed:2b:e3: 30:04:9a:65:7b:14:a0:11:b0:af:7a:97:4b:2a:e3:60:53:de: ec:9f:f6:1c:92:a7:54:2b:d5:b3:86:55:7c:1f:6f:fb:ff:30: 64:54:3f:01:4d:01:55:3a:e9:a6:4a:d5:97:26:ca:79:a1:36: 29:50:ef:1b:4f:0f:fc:51:4d:8c:4f:82:de:08:d0:03:9b:97: b1:8d:d5:c9:7e:3e:27:82:dd:bd:b4:d2:5f:05:91:37:6d:80: 43:56:97:ec:57:79:35:28:88:3d:66:f0:82:60:03:c5:20:b8: 29:db:e1:ec:cd:8b:d2:89:7a:96:fb:27:3f:3b:7b:ef:61:af: 2a:57:5c:70:95:c6:22:4c:a9:39:92:20:1d:cd:cb:34:75:6d: 19:9e:e5:c5:cf:5d:53:5e:73:58:32:33:79:bf:63:1b:3f:1d: a2:c8:89:4c:fe:76:c2:fa:5d:20:9a:f8:49:31:d7:b4:37:83: ce:b1:0c:20:9b:c2:b7:6d:b6:bc:ae:b4:5d:5b:bc:c4:8a:26: 3d:83:2f:ef -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTW75OG8J6MbsVN755w+tw+5JaewwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNTlaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDExY2Y2MGNkZTMxYjlkMmU4NjM3MmY5OGExMzExOGFmYTZlOTJiMjdmYjc1 NDE4NzgwYjljODA0ZmQxNGNkZmYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZZ8thGxVGA+3TMv1o+emd9qoClVLQeoS2/jM0fy6L53s2pweNEuUyCjAyi MUwS2PVopiwB5HcyBroqnSljpMt5Fmkva5s06+3dqXc/YENSrZYZgdKf1cEwcuDB xpqbhDmQh8SoxutP+VHTG+c6dBGHwoSq2B7eihI3P/Jyk4nfMX0LuI9SkEWKnAZn yg0jnJo89oYUo3JSYSSQYCBlyvXD2ZrTb45KvtZ/npMl2j9XSciCiNyxwCpd0rcx 1hbwFBR2iAUAjS7SGhfUnk+ym0LPFgwv0Q+hnEvvwhReJKeA+JmiC9CuM1Tu9NYA +n0zbsKiQhAcwug4vMrUKaRTZj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQR4q9Z 5muZzs103Oq01yCIcMoOJDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MTEwOTgyNzctOTVhNy00Zjk5LWJiOTEtZjY1MzgxNjk2NjgxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MQ MA0GCSqGSIb3DQEBCwUAA4IBAQBBhluXtZ3WlzuiCcvlbbhSC0T45z48PyqwB9qw upL6KKWh0wr1TfTQ9MhlQAsi5nQ3j6/tK+MwBJplexSgEbCvepdLKuNgU97sn/Yc kqdUK9WzhlV8H2/7/zBkVD8BTQFVOummStWXJsp5oTYpUO8bTw/8UU2MT4LeCNAD m5exjdXJfj4ngt29tNJfBZE3bYBDVpfsV3k1KIg9ZvCCYAPFILgp2+HszYvSiXqW +yc/O3vvYa8qV1xwlcYiTKk5kiAdzcs0dW0ZnuXFz11TXnNYMjN5v2MbPx2iyIlM /nbC+l0gmvhJMde0N4POsQwgm8K3bba8rrRdW7zEiiY9gy/v -----END CERTIFICATE-----Generated at Sat Dec 6 09:54:20 2025 by rpki-client